Microsoft has patched another 117 CVEs, returning to volumes seen in early 2021 and most of 2020. It would appear that the recent trend of approximately 50 vulnerability fixes per month was not indicative of a slowing pace. This month there were 13 vulnerabilities rated Critical with nearly the rest being rated Important. Thankfully, none of the updates published today require additional steps to remediate, so administrators should be able to rely on their normal patching process. Once CVE-2021-34527 has been remediated, priority should be to patch public facing DNS and Exchange servers, followed by Workstations, SharePoint servers, and finally Office applications.

It seems like the PrintNightmare is nearly over. While the past two weeks have been a frenzy for the security community there has been no new information since the end of last week when Microsoft made a final revision to their guidance on CVE-2021-34527. If you haven’t patched this yet, this is your daily reminder. For further details please see our blog on the topic.

Multiple Critical DNS Vulnerabilities Patched

Administrators should focus their efforts on the 11 vulnerabilities in Windows DNS server to reduce the most risk. The two most important of these vulnerabilities are CVE-2021-34494 and CVE-2021-33780. Exploitation of either of these vulnerabilities would result in Remote Code Execution with SYSTEM privileges without any user interaction via the network. Given the network exposure of DNS servers these vulnerabilities could prove to be troublesome if an exploit were to be developed. Microsoft lists CVE-2021-33780 as “Exploitation More Likely” so it may only be a matter of time before attackers attempt to make use of these flaws.

New Exchange Updates Available

Only 4 of the 7 Exchange CVEs being disclosed this month are new. The two most severe vulnerabilities were patched in back in April and were mistakenly not disclosed. This means that if you applied the April 2021 updates you will not need to take any action for CVE-2021-34473, CVE-2021-34523, or CVE-2021-33766. Of the 4 newly patched vulnerabilities the most notable is CVE-2021-31206, a remote code execution flaw discovered in the recent Pwn2Own competition.

Scripting Engine Exploited in the Wild

Exploitation of CVE-2021-34448 has been observed in the wild by researchers. There are no details on the frequency or spread of this exploit. This vulnerability requires the user to visit a link to download a malicious file. As with other vulnerabilities that require user interaction, strong security hygiene is the first line of defense.

Summary Tables

Here are this month's patched vulnerabilities split by the product family.

Apps Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-33753 Microsoft Bing Search Spoofing Vulnerability No No 4.7 Yes

Developer Tools Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-34528 Visual Studio Code Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-34529 Visual Studio Code Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-34477 Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-33767 Open Enclave SDK Elevation of Privilege Vulnerability No No 8.2 Yes
CVE-2021-34479 Microsoft Visual Studio Spoofing Vulnerability No No 7.8 No

Exchange Server Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability No Yes 9.1 No
CVE-2021-31206 Microsoft Exchange Server Remote Code Execution Vulnerability No No 7.6 Yes
CVE-2021-31196 Microsoft Exchange Server Remote Code Execution Vulnerability No No 7.2 No
CVE-2021-34523 Microsoft Exchange Server Elevation of Privilege Vulnerability No Yes 9 No
CVE-2021-33768 Microsoft Exchange Server Elevation of Privilege Vulnerability No No 8 Yes
CVE-2021-34470 Microsoft Exchange Server Elevation of Privilege Vulnerability No No 8 Yes
CVE-2021-33766 Microsoft Exchange Information Disclosure Vulnerability No No 7.3 Yes

Microsoft Dynamics Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-34474 Dynamics Business Central Remote Code Execution Vulnerability No No 8 Yes

Microsoft Office Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-34452 Microsoft Word Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-34517 Microsoft SharePoint Server Spoofing Vulnerability No No 5.3 No
CVE-2021-34520 Microsoft SharePoint Server Remote Code Execution Vulnerability No No 8.1 No
CVE-2021-34467 Microsoft SharePoint Server Remote Code Execution Vulnerability No No 7.1 No
CVE-2021-34468 Microsoft SharePoint Server Remote Code Execution Vulnerability No No 7.1 Yes
CVE-2021-34519 Microsoft SharePoint Server Information Disclosure Vulnerability No No 5.3 Yes
CVE-2021-34469 Microsoft Office Security Feature Bypass Vulnerability No No 8.2 Yes
CVE-2021-34451 Microsoft Office Online Server Spoofing Vulnerability No No 5.3 Yes
CVE-2021-34501 Microsoft Excel Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-34518 Microsoft Excel Remote Code Execution Vulnerability No No 7.8 Yes

SQL Server Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-31984 Power BI Remote Code Execution Vulnerability No No 7.6 Yes

System Center Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-34464 Microsoft Defender Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-34522 Microsoft Defender Remote Code Execution Vulnerability No No 7.8 Yes

Windows Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-33772 Windows TCP/IP Driver Denial of Service Vulnerability No No 7.5 No
CVE-2021-34490 Windows TCP/IP Driver Denial of Service Vulnerability No No 7.5 No
CVE-2021-33744 Windows Secure Kernel Mode Security Feature Bypass Vulnerability No No 5.3 No
CVE-2021-33763 Windows Remote Access Connection Manager Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-34454 Windows Remote Access Connection Manager Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-33761 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-33773 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34445 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-33743 Windows Projected File System Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34493 Windows Partition Management Driver Elevation of Privilege Vulnerability No No 6.7 No
CVE-2021-33740 Windows Media Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-34458 Windows Kernel Remote Code Execution Vulnerability No No 9.9 Yes
CVE-2021-34508 Windows Kernel Remote Code Execution Vulnerability No No 8.8 No
CVE-2021-33771 Windows Kernel Elevation of Privilege Vulnerability Yes No 7.8 No
CVE-2021-31961 Windows InstallService Elevation of Privilege Vulnerability No No 6.1 Yes
CVE-2021-34450 Windows Hyper-V Remote Code Execution Vulnerability No No 8.5 Yes
CVE-2021-33758 Windows Hyper-V Denial of Service Vulnerability No No 7.7 No
CVE-2021-33755 Windows Hyper-V Denial of Service Vulnerability No No 6.3 No
CVE-2021-34466 Windows Hello Security Feature Bypass Vulnerability No No 5.7 Yes
CVE-2021-34438 Windows Font Driver Host Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-34455 Windows File History Service Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-33774 Windows Event Tracing Elevation of Privilege Vulnerability No No 7 No
CVE-2021-33759 Windows Desktop Bridge Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34525 Windows DNS Server Remote Code Execution Vulnerability No No 8.8 No
CVE-2021-34461 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34488 Windows Console Driver Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-33784 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34462 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability No No 7 No
CVE-2021-34459 Windows AppContainer Elevation Of Privilege Vulnerability No No 7.8 No
CVE-2021-33785 Windows AF_UNIX Socket Provider Denial of Service Vulnerability No No 7.5 No
CVE-2021-33779 Windows ADFS Security Feature Bypass Vulnerability No Yes 8.1 Yes
CVE-2021-34491 Win32k Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-34449 Win32k Elevation of Privilege Vulnerability No No 7 No
CVE-2021-34509 Storage Spaces Controller Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-34460 Storage Spaces Controller Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34510 Storage Spaces Controller Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34512 Storage Spaces Controller Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34513 Storage Spaces Controller Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-33751 Storage Spaces Controller Elevation of Privilege Vulnerability No No 7 No
CVE-2021-34521 Raw Image Extension Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-34439 Microsoft Windows Media Foundation Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-34503 Microsoft Windows Media Foundation Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-33760 Media Foundation Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-31947 HEVC Video Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-33775 HEVC Video Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-33776 HEVC Video Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-33777 HEVC Video Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-33778 HEVC Video Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-34489 DirectWrite Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-33781 Active Directory Security Feature Bypass Vulnerability No Yes 8.1 No

Windows ESU Vulnerabilities

CVE Title Exploited Disclosed CVSS3 FAQ
CVE-2021-31183 Windows TCP/IP Driver Denial of Service Vulnerability No No 7.5 No
CVE-2021-33757 Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability No No 5.3 Yes
CVE-2021-33783 Windows SMB Information Disclosure Vulnerability No No 6.5 Yes
CVE-2021-34507 Windows Remote Assistance Information Disclosure Vulnerability No No 6.5 Yes
CVE-2021-34457 Windows Remote Access Connection Manager Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-34456 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34527 Windows Print Spooler Remote Code Execution Vulnerability Yes Yes 8.8 Yes
CVE-2021-34497 Windows MSHTML Platform Remote Code Execution Vulnerability No No 6.8 Yes
CVE-2021-34447 Windows MSHTML Platform Remote Code Execution Vulnerability No No 6.8 Yes
CVE-2021-33786 Windows LSA Security Feature Bypass Vulnerability No No 8.1 Yes
CVE-2021-33788 Windows LSA Denial of Service Vulnerability No No 7.5 No
CVE-2021-33764 Windows Key Distribution Center Information Disclosure Vulnerability No No 5.9 Yes
CVE-2021-34500 Windows Kernel Memory Information Disclosure Vulnerability No No 6.3 Yes
CVE-2021-31979 Windows Kernel Elevation of Privilege Vulnerability Yes No 7.8 No
CVE-2021-34514 Windows Kernel Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-33765 Windows Installer Spoofing Vulnerability No No 6.2 No
CVE-2021-34511 Windows Installer Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34446 Windows HTML Platforms Security Feature Bypass Vulnerability No No 8 No
CVE-2021-34496 Windows GDI Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-34498 Windows GDI Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-33749 Windows DNS Snap-in Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-33750 Windows DNS Snap-in Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-33752 Windows DNS Snap-in Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-33756 Windows DNS Snap-in Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-34494 Windows DNS Server Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-33780 Windows DNS Server Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-33746 Windows DNS Server Remote Code Execution Vulnerability No No 8 No
CVE-2021-33754 Windows DNS Server Remote Code Execution Vulnerability No No 8 No
CVE-2021-34442 Windows DNS Server Denial of Service Vulnerability No No 7.5 Yes
CVE-2021-34444 Windows DNS Server Denial of Service Vulnerability No No 6.5 Yes
CVE-2021-34499 Windows DNS Server Denial of Service Vulnerability No No 6.5 No
CVE-2021-33745 Windows DNS Server Denial of Service Vulnerability No No 6.5 Yes
CVE-2021-34492 Windows Certificate Spoofing Vulnerability No Yes 8.1 No
CVE-2021-33782 Windows Authenticode Spoofing Vulnerability No No 5.5 No
CVE-2021-34504 Windows Address Book Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-34516 Win32k Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-34448 Scripting Engine Memory Corruption Vulnerability Yes No 6.8 Yes
CVE-2021-34441 Microsoft Windows Media Foundation Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-34440 GDI+ Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-34476 Bowser.sys Denial of Service Vulnerability No No 7.5 No

Summary Graphs